deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
gitlabhq/lib/api
History
Sebastian Ziebell e9d3b96595 API: fixes visibility of project hook 
When a user is not authorized to see the list of hooks for a project, he is
still able to access the hooks separately. For example if access to
`GET /projects/:id/hooks` fails and returns a `403 Unauthorized` error it is
still possible to access a hook directly via `GET /projects/:id/hooks/:hook_id`.

Fixes access, also added tests to check access and status codes of hooks.
2013-02-16 14:42:49 +01:00
..
entities.rb Code deduplication using inheritance for GroupDetail 2013-02-03 19:38:33 +01:00
groups.rb Fix groups api: differ between users and admin 2013-02-01 15:00:12 +01:00
helpers.rb Fix namespace api autocomplete 2012-12-12 12:54:28 +02:00
internal.rb deploy keys support for gitlab-shell api 2013-02-07 09:56:13 +02:00
issues.rb Fixed missing current user for issue observer 2013-01-02 20:25:25 +02:00
merge_requests.rb Remove all references tp the project code parameter from the API 2012-12-21 18:47:04 +01:00
milestones.rb Remove all references tp the project code parameter from the API 2012-12-21 18:47:04 +01:00
notes.rb Expose MergeRequest object as a notable in the API to allow for easy retrieval of comments 2013-01-29 21:15:13 -08:00
projects.rb API: fixes visibility of project hook 2013-02-16 14:42:49 +01:00
session.rb API: return 401 for invalid session 2012-09-20 08:38:08 -07:00
users.rb Extended users API to support updating and deleting users. 2012-12-18 21:24:31 +02:00